Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(840)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/http_security_headers_unittest.cc

Issue 266243004: Clang format slam. Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/base/mime_util_unittest.cc ('K') | « net/http/http_security_headers.cc ('k') | net/http/http_server_properties.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <algorithm> 5 #include <algorithm>
6 6
7 #include "base/base64.h" 7 #include "base/base64.h"
8 #include "base/sha1.h" 8 #include "base/sha1.h"
9 #include "base/strings/string_piece.h" 9 #include "base/strings/string_piece.h"
10 #include "crypto/sha2.h" 10 #include "crypto/sha2.h"
(...skipping 11 matching lines...) Expand all
22 22
23 HashValue GetTestHashValue(uint8 label, HashValueTag tag) { 23 HashValue GetTestHashValue(uint8 label, HashValueTag tag) {
24 HashValue hash_value(tag); 24 HashValue hash_value(tag);
25 memset(hash_value.data(), label, hash_value.size()); 25 memset(hash_value.data(), label, hash_value.size());
26 return hash_value; 26 return hash_value;
27 } 27 }
28 28
29 std::string GetTestPin(uint8 label, HashValueTag tag) { 29 std::string GetTestPin(uint8 label, HashValueTag tag) {
30 HashValue hash_value = GetTestHashValue(label, tag); 30 HashValue hash_value = GetTestHashValue(label, tag);
31 std::string base64; 31 std::string base64;
32 base::Base64Encode(base::StringPiece( 32 base::Base64Encode(
33 reinterpret_cast<char*>(hash_value.data()), hash_value.size()), &base64); 33 base::StringPiece(reinterpret_cast<char*>(hash_value.data()),
34 hash_value.size()),
35 &base64);
34 36
35 switch (hash_value.tag) { 37 switch (hash_value.tag) {
36 case HASH_VALUE_SHA1: 38 case HASH_VALUE_SHA1:
37 return std::string("pin-sha1=\"") + base64 + "\""; 39 return std::string("pin-sha1=\"") + base64 + "\"";
38 case HASH_VALUE_SHA256: 40 case HASH_VALUE_SHA256:
39 return std::string("pin-sha256=\"") + base64 + "\""; 41 return std::string("pin-sha256=\"") + base64 + "\"";
40 default: 42 default:
41 NOTREACHED() << "Unknown HashValueTag " << hash_value.tag; 43 NOTREACHED() << "Unknown HashValueTag " << hash_value.tag;
42 return std::string("ERROR"); 44 return std::string("ERROR");
43 } 45 }
44 } 46 }
45
46 }; 47 };
47 48
48 49 class HttpSecurityHeadersTest : public testing::Test {};
49 class HttpSecurityHeadersTest : public testing::Test {
50 };
51
52 50
53 TEST_F(HttpSecurityHeadersTest, BogusHeaders) { 51 TEST_F(HttpSecurityHeadersTest, BogusHeaders) {
54 base::TimeDelta max_age; 52 base::TimeDelta max_age;
55 bool include_subdomains = false; 53 bool include_subdomains = false;
56 54
57 EXPECT_FALSE( 55 EXPECT_FALSE(ParseHSTSHeader(std::string(), &max_age, &include_subdomains));
58 ParseHSTSHeader(std::string(), &max_age, &include_subdomains));
59 EXPECT_FALSE(ParseHSTSHeader(" ", &max_age, &include_subdomains)); 56 EXPECT_FALSE(ParseHSTSHeader(" ", &max_age, &include_subdomains));
60 EXPECT_FALSE(ParseHSTSHeader("abc", &max_age, &include_subdomains)); 57 EXPECT_FALSE(ParseHSTSHeader("abc", &max_age, &include_subdomains));
61 EXPECT_FALSE(ParseHSTSHeader(" abc", &max_age, &include_subdomains)); 58 EXPECT_FALSE(ParseHSTSHeader(" abc", &max_age, &include_subdomains));
62 EXPECT_FALSE(ParseHSTSHeader(" abc ", &max_age, &include_subdomains)); 59 EXPECT_FALSE(ParseHSTSHeader(" abc ", &max_age, &include_subdomains));
63 EXPECT_FALSE(ParseHSTSHeader("max-age", &max_age, &include_subdomains)); 60 EXPECT_FALSE(ParseHSTSHeader("max-age", &max_age, &include_subdomains));
64 EXPECT_FALSE(ParseHSTSHeader(" max-age", &max_age, 61 EXPECT_FALSE(ParseHSTSHeader(" max-age", &max_age, &include_subdomains));
65 &include_subdomains)); 62 EXPECT_FALSE(ParseHSTSHeader(" max-age ", &max_age, &include_subdomains));
66 EXPECT_FALSE(ParseHSTSHeader(" max-age ", &max_age,
67 &include_subdomains));
68 EXPECT_FALSE(ParseHSTSHeader("max-age=", &max_age, &include_subdomains)); 63 EXPECT_FALSE(ParseHSTSHeader("max-age=", &max_age, &include_subdomains));
69 EXPECT_FALSE(ParseHSTSHeader(" max-age=", &max_age, 64 EXPECT_FALSE(ParseHSTSHeader(" max-age=", &max_age, &include_subdomains));
70 &include_subdomains)); 65 EXPECT_FALSE(ParseHSTSHeader(" max-age =", &max_age, &include_subdomains));
71 EXPECT_FALSE(ParseHSTSHeader(" max-age =", &max_age, 66 EXPECT_FALSE(
72 &include_subdomains)); 67 ParseHSTSHeader(" max-age= ", &max_age, &include_subdomains));
73 EXPECT_FALSE(ParseHSTSHeader(" max-age= ", &max_age, 68 EXPECT_FALSE(
74 &include_subdomains)); 69 ParseHSTSHeader(" max-age = ", &max_age, &include_subdomains));
75 EXPECT_FALSE(ParseHSTSHeader(" max-age = ", &max_age, 70 EXPECT_FALSE(
76 &include_subdomains)); 71 ParseHSTSHeader(" max-age = xy", &max_age, &include_subdomains));
77 EXPECT_FALSE(ParseHSTSHeader(" max-age = xy", &max_age, 72 EXPECT_FALSE(ParseHSTSHeader(
78 &include_subdomains)); 73 " max-age = 3488a923", &max_age, &include_subdomains));
79 EXPECT_FALSE(ParseHSTSHeader(" max-age = 3488a923", &max_age, 74 EXPECT_FALSE(
80 &include_subdomains)); 75 ParseHSTSHeader("max-age=3488a923 ", &max_age, &include_subdomains));
81 EXPECT_FALSE(ParseHSTSHeader("max-age=3488a923 ", &max_age, 76 EXPECT_FALSE(
82 &include_subdomains)); 77 ParseHSTSHeader("max-ag=3488923", &max_age, &include_subdomains));
83 EXPECT_FALSE(ParseHSTSHeader("max-ag=3488923", &max_age, 78 EXPECT_FALSE(
84 &include_subdomains)); 79 ParseHSTSHeader("max-aged=3488923", &max_age, &include_subdomains));
85 EXPECT_FALSE(ParseHSTSHeader("max-aged=3488923", &max_age, 80 EXPECT_FALSE(
86 &include_subdomains)); 81 ParseHSTSHeader("max-age==3488923", &max_age, &include_subdomains));
87 EXPECT_FALSE(ParseHSTSHeader("max-age==3488923", &max_age, 82 EXPECT_FALSE(
88 &include_subdomains)); 83 ParseHSTSHeader("amax-age=3488923", &max_age, &include_subdomains));
89 EXPECT_FALSE(ParseHSTSHeader("amax-age=3488923", &max_age, 84 EXPECT_FALSE(
90 &include_subdomains)); 85 ParseHSTSHeader("max-age=-3488923", &max_age, &include_subdomains));
91 EXPECT_FALSE(ParseHSTSHeader("max-age=-3488923", &max_age, 86 EXPECT_FALSE(
92 &include_subdomains)); 87 ParseHSTSHeader("max-age=3488923 e", &max_age, &include_subdomains));
93 EXPECT_FALSE(ParseHSTSHeader("max-age=3488923 e", &max_age, 88 EXPECT_FALSE(ParseHSTSHeader(
94 &include_subdomains)); 89 "max-age=3488923 includesubdomain", &max_age, &include_subdomains));
95 EXPECT_FALSE(ParseHSTSHeader("max-age=3488923 includesubdomain", 90 EXPECT_FALSE(ParseHSTSHeader(
96 &max_age, &include_subdomains)); 91 "max-age=3488923includesubdomains", &max_age, &include_subdomains));
97 EXPECT_FALSE(ParseHSTSHeader("max-age=3488923includesubdomains", 92 EXPECT_FALSE(ParseHSTSHeader(
98 &max_age, &include_subdomains)); 93 "max-age=3488923=includesubdomains", &max_age, &include_subdomains));
99 EXPECT_FALSE(ParseHSTSHeader("max-age=3488923=includesubdomains", 94 EXPECT_FALSE(ParseHSTSHeader(
100 &max_age, &include_subdomains)); 95 "max-age=3488923 includesubdomainx", &max_age, &include_subdomains));
101 EXPECT_FALSE(ParseHSTSHeader("max-age=3488923 includesubdomainx", 96 EXPECT_FALSE(ParseHSTSHeader(
102 &max_age, &include_subdomains)); 97 "max-age=3488923 includesubdomain=", &max_age, &include_subdomains));
103 EXPECT_FALSE(ParseHSTSHeader("max-age=3488923 includesubdomain=", 98 EXPECT_FALSE(ParseHSTSHeader(
104 &max_age, &include_subdomains)); 99 "max-age=3488923 includesubdomain=true", &max_age, &include_subdomains));
105 EXPECT_FALSE(ParseHSTSHeader("max-age=3488923 includesubdomain=true", 100 EXPECT_FALSE(ParseHSTSHeader(
106 &max_age, &include_subdomains)); 101 "max-age=3488923 includesubdomainsx", &max_age, &include_subdomains));
107 EXPECT_FALSE(ParseHSTSHeader("max-age=3488923 includesubdomainsx", 102 EXPECT_FALSE(ParseHSTSHeader(
108 &max_age, &include_subdomains)); 103 "max-age=3488923 includesubdomains x", &max_age, &include_subdomains));
109 EXPECT_FALSE(ParseHSTSHeader("max-age=3488923 includesubdomains x", 104 EXPECT_FALSE(ParseHSTSHeader(
110 &max_age, &include_subdomains)); 105 "max-age=34889.23 includesubdomains", &max_age, &include_subdomains));
111 EXPECT_FALSE(ParseHSTSHeader("max-age=34889.23 includesubdomains", 106 EXPECT_FALSE(ParseHSTSHeader(
112 &max_age, &include_subdomains)); 107 "max-age=34889 includesubdomains", &max_age, &include_subdomains));
113 EXPECT_FALSE(ParseHSTSHeader("max-age=34889 includesubdomains", 108 EXPECT_FALSE(ParseHSTSHeader(";;;; ;;;", &max_age, &include_subdomains));
114 &max_age, &include_subdomains)); 109 EXPECT_FALSE(ParseHSTSHeader(
115 EXPECT_FALSE(ParseHSTSHeader(";;;; ;;;", 110 ";;;; includeSubDomains;;;", &max_age, &include_subdomains));
116 &max_age, &include_subdomains)); 111 EXPECT_FALSE(ParseHSTSHeader(
117 EXPECT_FALSE(ParseHSTSHeader(";;;; includeSubDomains;;;", 112 " includeSubDomains; ", &max_age, &include_subdomains));
118 &max_age, &include_subdomains)); 113 EXPECT_FALSE(ParseHSTSHeader(";", &max_age, &include_subdomains));
119 EXPECT_FALSE(ParseHSTSHeader(" includeSubDomains; ", 114 EXPECT_FALSE(ParseHSTSHeader("max-age; ;", &max_age, &include_subdomains));
120 &max_age, &include_subdomains));
121 EXPECT_FALSE(ParseHSTSHeader(";",
122 &max_age, &include_subdomains));
123 EXPECT_FALSE(ParseHSTSHeader("max-age; ;",
124 &max_age, &include_subdomains));
125 115
126 // Check the out args were not updated by checking the default 116 // Check the out args were not updated by checking the default
127 // values for its predictable fields. 117 // values for its predictable fields.
128 EXPECT_EQ(0, max_age.InSeconds()); 118 EXPECT_EQ(0, max_age.InSeconds());
129 EXPECT_FALSE(include_subdomains); 119 EXPECT_FALSE(include_subdomains);
130 } 120 }
131 121
132 static void TestBogusPinsHeaders(HashValueTag tag) { 122 static void TestBogusPinsHeaders(HashValueTag tag) {
133 base::TimeDelta max_age; 123 base::TimeDelta max_age;
134 bool include_subdomains; 124 bool include_subdomains;
135 HashValueVector hashes; 125 HashValueVector hashes;
136 HashValueVector chain_hashes; 126 HashValueVector chain_hashes;
137 127
138 // Set some fake "chain" hashes 128 // Set some fake "chain" hashes
139 chain_hashes.push_back(GetTestHashValue(1, tag)); 129 chain_hashes.push_back(GetTestHashValue(1, tag));
140 chain_hashes.push_back(GetTestHashValue(2, tag)); 130 chain_hashes.push_back(GetTestHashValue(2, tag));
141 chain_hashes.push_back(GetTestHashValue(3, tag)); 131 chain_hashes.push_back(GetTestHashValue(3, tag));
142 132
143 // The good pin must be in the chain, the backup pin must not be 133 // The good pin must be in the chain, the backup pin must not be
144 std::string good_pin = GetTestPin(2, tag); 134 std::string good_pin = GetTestPin(2, tag);
145 std::string backup_pin = GetTestPin(4, tag); 135 std::string backup_pin = GetTestPin(4, tag);
146 136
147 EXPECT_FALSE(ParseHPKPHeader(std::string(), chain_hashes, &max_age, 137 EXPECT_FALSE(ParseHPKPHeader(
148 &include_subdomains, &hashes)); 138 std::string(), chain_hashes, &max_age, &include_subdomains, &hashes));
149 EXPECT_FALSE(ParseHPKPHeader(" ", chain_hashes, &max_age, 139 EXPECT_FALSE(ParseHPKPHeader(
150 &include_subdomains, &hashes)); 140 " ", chain_hashes, &max_age, &include_subdomains, &hashes));
151 EXPECT_FALSE(ParseHPKPHeader("abc", chain_hashes, &max_age, 141 EXPECT_FALSE(ParseHPKPHeader(
152 &include_subdomains, &hashes)); 142 "abc", chain_hashes, &max_age, &include_subdomains, &hashes));
153 EXPECT_FALSE(ParseHPKPHeader(" abc", chain_hashes, &max_age, 143 EXPECT_FALSE(ParseHPKPHeader(
154 &include_subdomains, &hashes)); 144 " abc", chain_hashes, &max_age, &include_subdomains, &hashes));
155 EXPECT_FALSE(ParseHPKPHeader(" abc ", chain_hashes, &max_age, 145 EXPECT_FALSE(ParseHPKPHeader(
156 &include_subdomains, &hashes)); 146 " abc ", chain_hashes, &max_age, &include_subdomains, &hashes));
157 EXPECT_FALSE(ParseHPKPHeader("max-age", chain_hashes, &max_age, 147 EXPECT_FALSE(ParseHPKPHeader(
158 &include_subdomains, &hashes)); 148 "max-age", chain_hashes, &max_age, &include_subdomains, &hashes));
159 EXPECT_FALSE(ParseHPKPHeader(" max-age", chain_hashes, &max_age, 149 EXPECT_FALSE(ParseHPKPHeader(
160 &include_subdomains, &hashes)); 150 " max-age", chain_hashes, &max_age, &include_subdomains, &hashes));
161 EXPECT_FALSE(ParseHPKPHeader(" max-age ", chain_hashes, &max_age, 151 EXPECT_FALSE(ParseHPKPHeader(
162 &include_subdomains, &hashes)); 152 " max-age ", chain_hashes, &max_age, &include_subdomains, &hashes));
163 EXPECT_FALSE(ParseHPKPHeader("max-age=", chain_hashes, &max_age, 153 EXPECT_FALSE(ParseHPKPHeader(
164 &include_subdomains, &hashes)); 154 "max-age=", chain_hashes, &max_age, &include_subdomains, &hashes));
165 EXPECT_FALSE(ParseHPKPHeader(" max-age=", chain_hashes, &max_age, 155 EXPECT_FALSE(ParseHPKPHeader(
166 &include_subdomains, &hashes)); 156 " max-age=", chain_hashes, &max_age, &include_subdomains, &hashes));
167 EXPECT_FALSE(ParseHPKPHeader(" max-age =", chain_hashes, &max_age, 157 EXPECT_FALSE(ParseHPKPHeader(
168 &include_subdomains, &hashes)); 158 " max-age =", chain_hashes, &max_age, &include_subdomains, &hashes));
169 EXPECT_FALSE(ParseHPKPHeader(" max-age= ", chain_hashes, &max_age, 159 EXPECT_FALSE(ParseHPKPHeader(
170 &include_subdomains, &hashes)); 160 " max-age= ", chain_hashes, &max_age, &include_subdomains, &hashes));
171 EXPECT_FALSE(ParseHPKPHeader(" max-age = ", chain_hashes, 161 EXPECT_FALSE(ParseHPKPHeader(" max-age = ",
172 &max_age, &include_subdomains, &hashes)); 162 chain_hashes,
173 EXPECT_FALSE(ParseHPKPHeader(" max-age = xy", chain_hashes, 163 &max_age,
174 &max_age, &include_subdomains, &hashes)); 164 &include_subdomains,
165 &hashes));
166 EXPECT_FALSE(ParseHPKPHeader(" max-age = xy",
167 chain_hashes,
168 &max_age,
169 &include_subdomains,
170 &hashes));
175 EXPECT_FALSE(ParseHPKPHeader(" max-age = 3488a923", 171 EXPECT_FALSE(ParseHPKPHeader(" max-age = 3488a923",
176 chain_hashes, &max_age, &include_subdomains, 172 chain_hashes,
173 &max_age,
174 &include_subdomains,
177 &hashes)); 175 &hashes));
178 EXPECT_FALSE(ParseHPKPHeader("max-age=3488a923 ", chain_hashes, 176 EXPECT_FALSE(ParseHPKPHeader("max-age=3488a923 ",
179 &max_age, &include_subdomains, &hashes)); 177 chain_hashes,
180 EXPECT_FALSE(ParseHPKPHeader("max-ag=3488923pins=" + good_pin + "," + 178 &max_age,
181 backup_pin, 179 &include_subdomains,
182 chain_hashes, &max_age, &include_subdomains,
183 &hashes)); 180 &hashes));
181 EXPECT_FALSE(
182 ParseHPKPHeader("max-ag=3488923pins=" + good_pin + "," + backup_pin,
183 chain_hashes,
184 &max_age,
185 &include_subdomains,
186 &hashes));
184 EXPECT_FALSE(ParseHPKPHeader("max-aged=3488923" + backup_pin, 187 EXPECT_FALSE(ParseHPKPHeader("max-aged=3488923" + backup_pin,
185 chain_hashes, &max_age, &include_subdomains, 188 chain_hashes,
189 &max_age,
190 &include_subdomains,
186 &hashes)); 191 &hashes));
187 EXPECT_FALSE(ParseHPKPHeader("max-aged=3488923; " + backup_pin, 192 EXPECT_FALSE(ParseHPKPHeader("max-aged=3488923; " + backup_pin,
188 chain_hashes, &max_age, &include_subdomains, 193 chain_hashes,
194 &max_age,
195 &include_subdomains,
189 &hashes)); 196 &hashes));
190 EXPECT_FALSE(ParseHPKPHeader("max-aged=3488923; " + backup_pin + ";" + 197 EXPECT_FALSE(
191 backup_pin, 198 ParseHPKPHeader("max-aged=3488923; " + backup_pin + ";" + backup_pin,
192 chain_hashes, &max_age, &include_subdomains, 199 chain_hashes,
193 &hashes)); 200 &max_age,
194 EXPECT_FALSE(ParseHPKPHeader("max-aged=3488923; " + good_pin + ";" + 201 &include_subdomains,
195 good_pin, 202 &hashes));
196 chain_hashes, &max_age, &include_subdomains, 203 EXPECT_FALSE(ParseHPKPHeader("max-aged=3488923; " + good_pin + ";" + good_pin,
204 chain_hashes,
205 &max_age,
206 &include_subdomains,
197 &hashes)); 207 &hashes));
198 EXPECT_FALSE(ParseHPKPHeader("max-aged=3488923; " + good_pin, 208 EXPECT_FALSE(ParseHPKPHeader("max-aged=3488923; " + good_pin,
199 chain_hashes, &max_age, &include_subdomains, 209 chain_hashes,
210 &max_age,
211 &include_subdomains,
200 &hashes)); 212 &hashes));
201 EXPECT_FALSE(ParseHPKPHeader("max-age==3488923", chain_hashes, &max_age, 213 EXPECT_FALSE(ParseHPKPHeader("max-age==3488923",
202 &include_subdomains, &hashes)); 214 chain_hashes,
203 EXPECT_FALSE(ParseHPKPHeader("amax-age=3488923", chain_hashes, &max_age, 215 &max_age,
204 &include_subdomains, &hashes)); 216 &include_subdomains,
205 EXPECT_FALSE(ParseHPKPHeader("max-age=-3488923", chain_hashes, &max_age, 217 &hashes));
206 &include_subdomains, &hashes)); 218 EXPECT_FALSE(ParseHPKPHeader("amax-age=3488923",
207 EXPECT_FALSE(ParseHPKPHeader("max-age=3488923;", chain_hashes, &max_age, 219 chain_hashes,
208 &include_subdomains, &hashes)); 220 &max_age,
209 EXPECT_FALSE(ParseHPKPHeader("max-age=3488923 e", chain_hashes, 221 &include_subdomains,
210 &max_age, &include_subdomains, &hashes)); 222 &hashes));
223 EXPECT_FALSE(ParseHPKPHeader("max-age=-3488923",
224 chain_hashes,
225 &max_age,
226 &include_subdomains,
227 &hashes));
228 EXPECT_FALSE(ParseHPKPHeader("max-age=3488923;",
229 chain_hashes,
230 &max_age,
231 &include_subdomains,
232 &hashes));
233 EXPECT_FALSE(ParseHPKPHeader("max-age=3488923 e",
234 chain_hashes,
235 &max_age,
236 &include_subdomains,
237 &hashes));
211 EXPECT_FALSE(ParseHPKPHeader("max-age=3488923 includesubdomain", 238 EXPECT_FALSE(ParseHPKPHeader("max-age=3488923 includesubdomain",
212 chain_hashes, &max_age, &include_subdomains, 239 chain_hashes,
240 &max_age,
241 &include_subdomains,
213 &hashes)); 242 &hashes));
214 EXPECT_FALSE(ParseHPKPHeader("max-age=34889.23", chain_hashes, &max_age, 243 EXPECT_FALSE(ParseHPKPHeader("max-age=34889.23",
215 &include_subdomains, &hashes)); 244 chain_hashes,
245 &max_age,
246 &include_subdomains,
247 &hashes));
216 248
217 // Check the out args were not updated by checking the default 249 // Check the out args were not updated by checking the default
218 // values for its predictable fields. 250 // values for its predictable fields.
219 EXPECT_EQ(0, max_age.InSeconds()); 251 EXPECT_EQ(0, max_age.InSeconds());
220 EXPECT_EQ(hashes.size(), (size_t)0); 252 EXPECT_EQ(hashes.size(), (size_t)0);
221 } 253 }
222 254
223 TEST_F(HttpSecurityHeadersTest, ValidSTSHeaders) { 255 TEST_F(HttpSecurityHeadersTest, ValidSTSHeaders) {
224 base::TimeDelta max_age; 256 base::TimeDelta max_age;
225 base::TimeDelta expect_max_age; 257 base::TimeDelta expect_max_age;
226 bool include_subdomains = false; 258 bool include_subdomains = false;
227 259
228 EXPECT_TRUE(ParseHSTSHeader("max-age=243", &max_age, 260 EXPECT_TRUE(ParseHSTSHeader("max-age=243", &max_age, &include_subdomains));
229 &include_subdomains));
230 expect_max_age = base::TimeDelta::FromSeconds(243); 261 expect_max_age = base::TimeDelta::FromSeconds(243);
231 EXPECT_EQ(expect_max_age, max_age); 262 EXPECT_EQ(expect_max_age, max_age);
232 EXPECT_FALSE(include_subdomains); 263 EXPECT_FALSE(include_subdomains);
233 264
234 EXPECT_TRUE(ParseHSTSHeader("max-age=3488923;", &max_age, 265 EXPECT_TRUE(
235 &include_subdomains)); 266 ParseHSTSHeader("max-age=3488923;", &max_age, &include_subdomains));
236 267
237 EXPECT_TRUE(ParseHSTSHeader(" Max-agE = 567", &max_age, 268 EXPECT_TRUE(
238 &include_subdomains)); 269 ParseHSTSHeader(" Max-agE = 567", &max_age, &include_subdomains));
239 expect_max_age = base::TimeDelta::FromSeconds(567); 270 expect_max_age = base::TimeDelta::FromSeconds(567);
240 EXPECT_EQ(expect_max_age, max_age); 271 EXPECT_EQ(expect_max_age, max_age);
241 EXPECT_FALSE(include_subdomains); 272 EXPECT_FALSE(include_subdomains);
242 273
243 EXPECT_TRUE(ParseHSTSHeader(" mAx-aGe = 890 ", &max_age, 274 EXPECT_TRUE(ParseHSTSHeader(
244 &include_subdomains)); 275 " mAx-aGe = 890 ", &max_age, &include_subdomains));
245 expect_max_age = base::TimeDelta::FromSeconds(890); 276 expect_max_age = base::TimeDelta::FromSeconds(890);
246 EXPECT_EQ(expect_max_age, max_age); 277 EXPECT_EQ(expect_max_age, max_age);
247 EXPECT_FALSE(include_subdomains); 278 EXPECT_FALSE(include_subdomains);
248 279
249 EXPECT_TRUE(ParseHSTSHeader("max-age=123;incLudesUbdOmains", &max_age, 280 EXPECT_TRUE(ParseHSTSHeader(
281 "max-age=123;incLudesUbdOmains", &max_age, &include_subdomains));
282 expect_max_age = base::TimeDelta::FromSeconds(123);
283 EXPECT_EQ(expect_max_age, max_age);
284 EXPECT_TRUE(include_subdomains);
285
286 EXPECT_TRUE(ParseHSTSHeader(
287 "incLudesUbdOmains; max-age=123", &max_age, &include_subdomains));
288 expect_max_age = base::TimeDelta::FromSeconds(123);
289 EXPECT_EQ(expect_max_age, max_age);
290 EXPECT_TRUE(include_subdomains);
291
292 EXPECT_TRUE(ParseHSTSHeader(
293 " incLudesUbdOmains; max-age=123", &max_age, &include_subdomains));
294 expect_max_age = base::TimeDelta::FromSeconds(123);
295 EXPECT_EQ(expect_max_age, max_age);
296 EXPECT_TRUE(include_subdomains);
297
298 EXPECT_TRUE(
299 ParseHSTSHeader(" incLudesUbdOmains; max-age=123; pumpkin=kitten",
300 &max_age,
301 &include_subdomains));
302 expect_max_age = base::TimeDelta::FromSeconds(123);
303 EXPECT_EQ(expect_max_age, max_age);
304 EXPECT_TRUE(include_subdomains);
305
306 EXPECT_TRUE(
307 ParseHSTSHeader(" pumpkin=894; incLudesUbdOmains; max-age=123 ",
308 &max_age,
309 &include_subdomains));
310 expect_max_age = base::TimeDelta::FromSeconds(123);
311 EXPECT_EQ(expect_max_age, max_age);
312 EXPECT_TRUE(include_subdomains);
313
314 EXPECT_TRUE(ParseHSTSHeader(" pumpkin; incLudesUbdOmains; max-age=123 ",
315 &max_age,
250 &include_subdomains)); 316 &include_subdomains));
251 expect_max_age = base::TimeDelta::FromSeconds(123); 317 expect_max_age = base::TimeDelta::FromSeconds(123);
252 EXPECT_EQ(expect_max_age, max_age); 318 EXPECT_EQ(expect_max_age, max_age);
253 EXPECT_TRUE(include_subdomains); 319 EXPECT_TRUE(include_subdomains);
254 320
255 EXPECT_TRUE(ParseHSTSHeader("incLudesUbdOmains; max-age=123", &max_age, 321 EXPECT_TRUE(
256 &include_subdomains)); 322 ParseHSTSHeader(" pumpkin; incLudesUbdOmains; max-age=\"123\" ",
257 expect_max_age = base::TimeDelta::FromSeconds(123); 323 &max_age,
258 EXPECT_EQ(expect_max_age, max_age); 324 &include_subdomains));
259 EXPECT_TRUE(include_subdomains);
260
261 EXPECT_TRUE(ParseHSTSHeader(" incLudesUbdOmains; max-age=123",
262 &max_age, &include_subdomains));
263 expect_max_age = base::TimeDelta::FromSeconds(123);
264 EXPECT_EQ(expect_max_age, max_age);
265 EXPECT_TRUE(include_subdomains);
266
267 EXPECT_TRUE(ParseHSTSHeader(
268 " incLudesUbdOmains; max-age=123; pumpkin=kitten", &max_age,
269 &include_subdomains));
270 expect_max_age = base::TimeDelta::FromSeconds(123);
271 EXPECT_EQ(expect_max_age, max_age);
272 EXPECT_TRUE(include_subdomains);
273
274 EXPECT_TRUE(ParseHSTSHeader(
275 " pumpkin=894; incLudesUbdOmains; max-age=123 ", &max_age,
276 &include_subdomains));
277 expect_max_age = base::TimeDelta::FromSeconds(123);
278 EXPECT_EQ(expect_max_age, max_age);
279 EXPECT_TRUE(include_subdomains);
280
281 EXPECT_TRUE(ParseHSTSHeader(
282 " pumpkin; incLudesUbdOmains; max-age=123 ", &max_age,
283 &include_subdomains));
284 expect_max_age = base::TimeDelta::FromSeconds(123);
285 EXPECT_EQ(expect_max_age, max_age);
286 EXPECT_TRUE(include_subdomains);
287
288 EXPECT_TRUE(ParseHSTSHeader(
289 " pumpkin; incLudesUbdOmains; max-age=\"123\" ", &max_age,
290 &include_subdomains));
291 expect_max_age = base::TimeDelta::FromSeconds(123); 325 expect_max_age = base::TimeDelta::FromSeconds(123);
292 EXPECT_EQ(expect_max_age, max_age); 326 EXPECT_EQ(expect_max_age, max_age);
293 EXPECT_TRUE(include_subdomains); 327 EXPECT_TRUE(include_subdomains);
294 328
295 EXPECT_TRUE(ParseHSTSHeader( 329 EXPECT_TRUE(ParseHSTSHeader(
296 "animal=\"squirrel; distinguished\"; incLudesUbdOmains; max-age=123", 330 "animal=\"squirrel; distinguished\"; incLudesUbdOmains; max-age=123",
297 &max_age, &include_subdomains)); 331 &max_age,
332 &include_subdomains));
298 expect_max_age = base::TimeDelta::FromSeconds(123); 333 expect_max_age = base::TimeDelta::FromSeconds(123);
299 EXPECT_EQ(expect_max_age, max_age); 334 EXPECT_EQ(expect_max_age, max_age);
300 EXPECT_TRUE(include_subdomains); 335 EXPECT_TRUE(include_subdomains);
301 336
302 EXPECT_TRUE(ParseHSTSHeader("max-age=394082; incLudesUbdOmains", 337 EXPECT_TRUE(ParseHSTSHeader(
303 &max_age, &include_subdomains)); 338 "max-age=394082; incLudesUbdOmains", &max_age, &include_subdomains));
304 expect_max_age = base::TimeDelta::FromSeconds(394082); 339 expect_max_age = base::TimeDelta::FromSeconds(394082);
305 EXPECT_EQ(expect_max_age, max_age); 340 EXPECT_EQ(expect_max_age, max_age);
306 EXPECT_TRUE(include_subdomains); 341 EXPECT_TRUE(include_subdomains);
307 342
308 EXPECT_TRUE(ParseHSTSHeader( 343 EXPECT_TRUE(ParseHSTSHeader(
309 "max-age=39408299 ;incLudesUbdOmains", &max_age, 344 "max-age=39408299 ;incLudesUbdOmains", &max_age, &include_subdomains));
310 &include_subdomains));
311 expect_max_age = base::TimeDelta::FromSeconds( 345 expect_max_age = base::TimeDelta::FromSeconds(
312 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(39408299)))); 346 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(39408299))));
313 EXPECT_EQ(expect_max_age, max_age); 347 EXPECT_EQ(expect_max_age, max_age);
314 EXPECT_TRUE(include_subdomains); 348 EXPECT_TRUE(include_subdomains);
315 349
316 EXPECT_TRUE(ParseHSTSHeader( 350 EXPECT_TRUE(ParseHSTSHeader(
317 "max-age=394082038 ; incLudesUbdOmains", &max_age, 351 "max-age=394082038 ; incLudesUbdOmains", &max_age, &include_subdomains));
352 expect_max_age = base::TimeDelta::FromSeconds(
353 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038))));
354 EXPECT_EQ(expect_max_age, max_age);
355 EXPECT_TRUE(include_subdomains);
356
357 EXPECT_TRUE(ParseHSTSHeader("max-age=394082038 ; incLudesUbdOmains;",
358 &max_age,
359 &include_subdomains));
360 expect_max_age = base::TimeDelta::FromSeconds(
361 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038))));
362 EXPECT_EQ(expect_max_age, max_age);
363 EXPECT_TRUE(include_subdomains);
364
365 EXPECT_TRUE(ParseHSTSHeader(";; max-age=394082038 ; incLudesUbdOmains; ;",
366 &max_age,
367 &include_subdomains));
368 expect_max_age = base::TimeDelta::FromSeconds(
369 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038))));
370 EXPECT_EQ(expect_max_age, max_age);
371 EXPECT_TRUE(include_subdomains);
372
373 EXPECT_TRUE(ParseHSTSHeader(
374 ";; max-age=394082038 ;", &max_age, &include_subdomains));
375 expect_max_age = base::TimeDelta::FromSeconds(
376 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038))));
377 EXPECT_EQ(expect_max_age, max_age);
378 EXPECT_FALSE(include_subdomains);
379
380 EXPECT_TRUE(ParseHSTSHeader(
381 ";; ; ; max-age=394082038;;; includeSubdomains ;; ;",
382 &max_age,
318 &include_subdomains)); 383 &include_subdomains));
319 expect_max_age = base::TimeDelta::FromSeconds( 384 expect_max_age = base::TimeDelta::FromSeconds(
320 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038)))); 385 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038))));
321 EXPECT_EQ(expect_max_age, max_age); 386 EXPECT_EQ(expect_max_age, max_age);
322 EXPECT_TRUE(include_subdomains); 387 EXPECT_TRUE(include_subdomains);
323 388
324 EXPECT_TRUE(ParseHSTSHeader( 389 EXPECT_TRUE(ParseHSTSHeader("incLudesUbdOmains ; max-age=394082038 ;;",
325 "max-age=394082038 ; incLudesUbdOmains;", &max_age, 390 &max_age,
326 &include_subdomains)); 391 &include_subdomains));
327 expect_max_age = base::TimeDelta::FromSeconds( 392 expect_max_age = base::TimeDelta::FromSeconds(
328 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038)))); 393 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038))));
329 EXPECT_EQ(expect_max_age, max_age); 394 EXPECT_EQ(expect_max_age, max_age);
330 EXPECT_TRUE(include_subdomains); 395 EXPECT_TRUE(include_subdomains);
331 396
332 EXPECT_TRUE(ParseHSTSHeader( 397 EXPECT_TRUE(ParseHSTSHeader(
333 ";; max-age=394082038 ; incLudesUbdOmains; ;", &max_age, 398 " max-age=0 ; incLudesUbdOmains ", &max_age, &include_subdomains));
334 &include_subdomains));
335 expect_max_age = base::TimeDelta::FromSeconds(
336 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038))));
337 EXPECT_EQ(expect_max_age, max_age);
338 EXPECT_TRUE(include_subdomains);
339
340 EXPECT_TRUE(ParseHSTSHeader(
341 ";; max-age=394082038 ;", &max_age,
342 &include_subdomains));
343 expect_max_age = base::TimeDelta::FromSeconds(
344 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038))));
345 EXPECT_EQ(expect_max_age, max_age);
346 EXPECT_FALSE(include_subdomains);
347
348 EXPECT_TRUE(ParseHSTSHeader(
349 ";; ; ; max-age=394082038;;; includeSubdomains ;; ;", &max_age,
350 &include_subdomains));
351 expect_max_age = base::TimeDelta::FromSeconds(
352 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038))));
353 EXPECT_EQ(expect_max_age, max_age);
354 EXPECT_TRUE(include_subdomains);
355
356 EXPECT_TRUE(ParseHSTSHeader(
357 "incLudesUbdOmains ; max-age=394082038 ;;", &max_age,
358 &include_subdomains));
359 expect_max_age = base::TimeDelta::FromSeconds(
360 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038))));
361 EXPECT_EQ(expect_max_age, max_age);
362 EXPECT_TRUE(include_subdomains);
363
364 EXPECT_TRUE(ParseHSTSHeader(
365 " max-age=0 ; incLudesUbdOmains ", &max_age,
366 &include_subdomains));
367 expect_max_age = base::TimeDelta::FromSeconds(0); 399 expect_max_age = base::TimeDelta::FromSeconds(0);
368 EXPECT_EQ(expect_max_age, max_age); 400 EXPECT_EQ(expect_max_age, max_age);
369 EXPECT_TRUE(include_subdomains); 401 EXPECT_TRUE(include_subdomains);
370 402
371 EXPECT_TRUE(ParseHSTSHeader( 403 EXPECT_TRUE(ParseHSTSHeader(
372 " max-age=999999999999999999999999999999999999999999999 ;" 404 " max-age=999999999999999999999999999999999999999999999 ;"
373 " incLudesUbdOmains ", &max_age, &include_subdomains)); 405 " incLudesUbdOmains ",
374 expect_max_age = base::TimeDelta::FromSeconds( 406 &max_age,
375 kMaxHSTSAgeSecs); 407 &include_subdomains));
408 expect_max_age = base::TimeDelta::FromSeconds(kMaxHSTSAgeSecs);
376 EXPECT_EQ(expect_max_age, max_age); 409 EXPECT_EQ(expect_max_age, max_age);
377 EXPECT_TRUE(include_subdomains); 410 EXPECT_TRUE(include_subdomains);
378 } 411 }
379 412
380 static void TestValidPKPHeaders(HashValueTag tag) { 413 static void TestValidPKPHeaders(HashValueTag tag) {
381 base::TimeDelta max_age; 414 base::TimeDelta max_age;
382 base::TimeDelta expect_max_age; 415 base::TimeDelta expect_max_age;
383 bool include_subdomains; 416 bool include_subdomains;
384 HashValueVector hashes; 417 HashValueVector hashes;
385 HashValueVector chain_hashes; 418 HashValueVector chain_hashes;
386 419
387 // Set some fake "chain" hashes into chain_hashes 420 // Set some fake "chain" hashes into chain_hashes
388 chain_hashes.push_back(GetTestHashValue(1, tag)); 421 chain_hashes.push_back(GetTestHashValue(1, tag));
389 chain_hashes.push_back(GetTestHashValue(2, tag)); 422 chain_hashes.push_back(GetTestHashValue(2, tag));
390 chain_hashes.push_back(GetTestHashValue(3, tag)); 423 chain_hashes.push_back(GetTestHashValue(3, tag));
391 424
392 // The good pin must be in the chain, the backup pin must not be 425 // The good pin must be in the chain, the backup pin must not be
393 std::string good_pin = GetTestPin(2, tag); 426 std::string good_pin = GetTestPin(2, tag);
394 std::string backup_pin = GetTestPin(4, tag); 427 std::string backup_pin = GetTestPin(4, tag);
395 428
396 EXPECT_TRUE(ParseHPKPHeader( 429 EXPECT_TRUE(ParseHPKPHeader("max-age=243; " + good_pin + ";" + backup_pin,
397 "max-age=243; " + good_pin + ";" + backup_pin, 430 chain_hashes,
398 chain_hashes, &max_age, &include_subdomains, &hashes)); 431 &max_age,
432 &include_subdomains,
433 &hashes));
399 expect_max_age = base::TimeDelta::FromSeconds(243); 434 expect_max_age = base::TimeDelta::FromSeconds(243);
400 EXPECT_EQ(expect_max_age, max_age); 435 EXPECT_EQ(expect_max_age, max_age);
401 EXPECT_FALSE(include_subdomains); 436 EXPECT_FALSE(include_subdomains);
402 437
403 EXPECT_TRUE(ParseHPKPHeader( 438 EXPECT_TRUE(ParseHPKPHeader(
404 " " + good_pin + "; " + backup_pin + " ; Max-agE = 567", 439 " " + good_pin + "; " + backup_pin + " ; Max-agE = 567",
405 chain_hashes, &max_age, &include_subdomains, &hashes)); 440 chain_hashes,
441 &max_age,
442 &include_subdomains,
443 &hashes));
406 expect_max_age = base::TimeDelta::FromSeconds(567); 444 expect_max_age = base::TimeDelta::FromSeconds(567);
407 EXPECT_EQ(expect_max_age, max_age); 445 EXPECT_EQ(expect_max_age, max_age);
408 EXPECT_FALSE(include_subdomains); 446 EXPECT_FALSE(include_subdomains);
409 447
410 EXPECT_TRUE(ParseHPKPHeader( 448 EXPECT_TRUE(ParseHPKPHeader("includeSubDOMAINS;" + good_pin + ";" +
411 "includeSubDOMAINS;" + good_pin + ";" + backup_pin + 449 backup_pin + " ; mAx-aGe = 890 ",
412 " ; mAx-aGe = 890 ", 450 chain_hashes,
413 chain_hashes, &max_age, &include_subdomains, &hashes)); 451 &max_age,
452 &include_subdomains,
453 &hashes));
414 expect_max_age = base::TimeDelta::FromSeconds(890); 454 expect_max_age = base::TimeDelta::FromSeconds(890);
415 EXPECT_EQ(expect_max_age, max_age); 455 EXPECT_EQ(expect_max_age, max_age);
416 EXPECT_TRUE(include_subdomains); 456 EXPECT_TRUE(include_subdomains);
417 457
418 EXPECT_TRUE(ParseHPKPHeader( 458 EXPECT_TRUE(
419 good_pin + ";" + backup_pin + "; max-age=123;IGNORED;", 459 ParseHPKPHeader(good_pin + ";" + backup_pin + "; max-age=123;IGNORED;",
420 chain_hashes, &max_age, &include_subdomains, &hashes)); 460 chain_hashes,
461 &max_age,
462 &include_subdomains,
463 &hashes));
421 expect_max_age = base::TimeDelta::FromSeconds(123); 464 expect_max_age = base::TimeDelta::FromSeconds(123);
422 EXPECT_EQ(expect_max_age, max_age); 465 EXPECT_EQ(expect_max_age, max_age);
423 EXPECT_FALSE(include_subdomains); 466 EXPECT_FALSE(include_subdomains);
424 467
425 EXPECT_TRUE(ParseHPKPHeader( 468 EXPECT_TRUE(
426 "max-age=394082;" + backup_pin + ";" + good_pin + "; ", 469 ParseHPKPHeader("max-age=394082;" + backup_pin + ";" + good_pin + "; ",
427 chain_hashes, &max_age, &include_subdomains, &hashes)); 470 chain_hashes,
471 &max_age,
472 &include_subdomains,
473 &hashes));
428 expect_max_age = base::TimeDelta::FromSeconds(394082); 474 expect_max_age = base::TimeDelta::FromSeconds(394082);
429 EXPECT_EQ(expect_max_age, max_age); 475 EXPECT_EQ(expect_max_age, max_age);
430 EXPECT_FALSE(include_subdomains); 476 EXPECT_FALSE(include_subdomains);
431 477
432 EXPECT_TRUE(ParseHPKPHeader( 478 EXPECT_TRUE(ParseHPKPHeader(
433 "max-age=39408299 ;" + backup_pin + ";" + good_pin + "; ", 479 "max-age=39408299 ;" + backup_pin + ";" + good_pin + "; ",
434 chain_hashes, &max_age, &include_subdomains, &hashes)); 480 chain_hashes,
481 &max_age,
482 &include_subdomains,
483 &hashes));
435 expect_max_age = base::TimeDelta::FromSeconds( 484 expect_max_age = base::TimeDelta::FromSeconds(
436 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(39408299)))); 485 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(39408299))));
437 EXPECT_EQ(expect_max_age, max_age); 486 EXPECT_EQ(expect_max_age, max_age);
438 EXPECT_FALSE(include_subdomains); 487 EXPECT_FALSE(include_subdomains);
439 488
440 EXPECT_TRUE(ParseHPKPHeader( 489 EXPECT_TRUE(ParseHPKPHeader(
441 "max-age=39408038 ; cybers=39408038 ; includeSubdomains; " + 490 "max-age=39408038 ; cybers=39408038 ; includeSubdomains; " +
442 good_pin + ";" + backup_pin + "; ", 491 good_pin + ";" + backup_pin + "; ",
443 chain_hashes, &max_age, &include_subdomains, &hashes)); 492 chain_hashes,
493 &max_age,
494 &include_subdomains,
495 &hashes));
444 expect_max_age = base::TimeDelta::FromSeconds( 496 expect_max_age = base::TimeDelta::FromSeconds(
445 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038)))); 497 std::min(kMaxHSTSAgeSecs, static_cast<int64>(GG_INT64_C(394082038))));
446 EXPECT_EQ(expect_max_age, max_age); 498 EXPECT_EQ(expect_max_age, max_age);
447 EXPECT_TRUE(include_subdomains); 499 EXPECT_TRUE(include_subdomains);
448 500
449 EXPECT_TRUE(ParseHPKPHeader( 501 EXPECT_TRUE(ParseHPKPHeader(" max-age=0 ; " + good_pin + ";" + backup_pin,
450 " max-age=0 ; " + good_pin + ";" + backup_pin, 502 chain_hashes,
451 chain_hashes, &max_age, &include_subdomains, &hashes)); 503 &max_age,
504 &include_subdomains,
505 &hashes));
452 expect_max_age = base::TimeDelta::FromSeconds(0); 506 expect_max_age = base::TimeDelta::FromSeconds(0);
453 EXPECT_EQ(expect_max_age, max_age); 507 EXPECT_EQ(expect_max_age, max_age);
454 EXPECT_FALSE(include_subdomains); 508 EXPECT_FALSE(include_subdomains);
455 509
456 EXPECT_TRUE(ParseHPKPHeader( 510 EXPECT_TRUE(ParseHPKPHeader(
457 " max-age=0 ; includeSubdomains; " + good_pin + ";" + backup_pin, 511 " max-age=0 ; includeSubdomains; " + good_pin + ";" + backup_pin,
458 chain_hashes, &max_age, &include_subdomains, &hashes)); 512 chain_hashes,
513 &max_age,
514 &include_subdomains,
515 &hashes));
459 expect_max_age = base::TimeDelta::FromSeconds(0); 516 expect_max_age = base::TimeDelta::FromSeconds(0);
460 EXPECT_EQ(expect_max_age, max_age); 517 EXPECT_EQ(expect_max_age, max_age);
461 EXPECT_TRUE(include_subdomains); 518 EXPECT_TRUE(include_subdomains);
462 519
463 EXPECT_TRUE(ParseHPKPHeader( 520 EXPECT_TRUE(ParseHPKPHeader(
464 " max-age=999999999999999999999999999999999999999999999 ; " + 521 " max-age=999999999999999999999999999999999999999999999 ; " +
465 backup_pin + ";" + good_pin + "; ", 522 backup_pin + ";" + good_pin + "; ",
466 chain_hashes, &max_age, &include_subdomains, &hashes)); 523 chain_hashes,
524 &max_age,
525 &include_subdomains,
526 &hashes));
467 expect_max_age = base::TimeDelta::FromSeconds(kMaxHSTSAgeSecs); 527 expect_max_age = base::TimeDelta::FromSeconds(kMaxHSTSAgeSecs);
468 EXPECT_EQ(expect_max_age, max_age); 528 EXPECT_EQ(expect_max_age, max_age);
469 EXPECT_FALSE(include_subdomains); 529 EXPECT_FALSE(include_subdomains);
470 530
471 // Test that parsing the same header twice doesn't duplicate the recorded 531 // Test that parsing the same header twice doesn't duplicate the recorded
472 // hashes. 532 // hashes.
473 hashes.clear(); 533 hashes.clear();
474 EXPECT_TRUE(ParseHPKPHeader( 534 EXPECT_TRUE(
475 " max-age=999; " + 535 ParseHPKPHeader(" max-age=999; " + backup_pin + ";" + good_pin + "; ",
476 backup_pin + ";" + good_pin + "; ", 536 chain_hashes,
477 chain_hashes, &max_age, &include_subdomains, &hashes)); 537 &max_age,
538 &include_subdomains,
539 &hashes));
478 EXPECT_EQ(2u, hashes.size()); 540 EXPECT_EQ(2u, hashes.size());
479 EXPECT_TRUE(ParseHPKPHeader( 541 EXPECT_TRUE(
480 " max-age=999; " + 542 ParseHPKPHeader(" max-age=999; " + backup_pin + ";" + good_pin + "; ",
481 backup_pin + ";" + good_pin + "; ", 543 chain_hashes,
482 chain_hashes, &max_age, &include_subdomains, &hashes)); 544 &max_age,
545 &include_subdomains,
546 &hashes));
483 EXPECT_EQ(2u, hashes.size()); 547 EXPECT_EQ(2u, hashes.size());
484 } 548 }
485 549
486 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA1) { 550 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA1) {
487 TestBogusPinsHeaders(HASH_VALUE_SHA1); 551 TestBogusPinsHeaders(HASH_VALUE_SHA1);
488 } 552 }
489 553
490 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA256) { 554 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA256) {
491 TestBogusPinsHeaders(HASH_VALUE_SHA256); 555 TestBogusPinsHeaders(HASH_VALUE_SHA256);
492 } 556 }
(...skipping 23 matching lines...) Expand all
516 std::string backup_pin = GetTestPin(2, HASH_VALUE_SHA1); 580 std::string backup_pin = GetTestPin(2, HASH_VALUE_SHA1);
517 std::string header = "max-age = 10000; " + good_pin + "; " + backup_pin; 581 std::string header = "max-age = 10000; " + good_pin + "; " + backup_pin;
518 582
519 // Construct a fake SSLInfo that will pass AddHPKPHeader's checks. 583 // Construct a fake SSLInfo that will pass AddHPKPHeader's checks.
520 SSLInfo ssl_info; 584 SSLInfo ssl_info;
521 ssl_info.public_key_hashes.push_back(good_hash); 585 ssl_info.public_key_hashes.push_back(good_hash);
522 ssl_info.public_key_hashes.push_back(saved_hashes[0]); 586 ssl_info.public_key_hashes.push_back(saved_hashes[0]);
523 EXPECT_TRUE(state.AddHPKPHeader(domain, header, ssl_info)); 587 EXPECT_TRUE(state.AddHPKPHeader(domain, header, ssl_info));
524 588
525 // Expect the preloaded state to remain unchanged. 589 // Expect the preloaded state to remain unchanged.
526 std::string canonicalized_host = TransportSecurityState::CanonicalizeHost( 590 std::string canonicalized_host =
527 domain); 591 TransportSecurityState::CanonicalizeHost(domain);
528 TransportSecurityState::DomainState static_domain_state; 592 TransportSecurityState::DomainState static_domain_state;
529 EXPECT_TRUE(state.GetStaticDomainState(canonicalized_host, 593 EXPECT_TRUE(state.GetStaticDomainState(
530 true, 594 canonicalized_host, true, &static_domain_state));
531 &static_domain_state));
532 for (size_t i = 0; i < saved_hashes.size(); ++i) { 595 for (size_t i = 0; i < saved_hashes.size(); ++i) {
533 EXPECT_TRUE(HashValuesEqual( 596 EXPECT_TRUE(HashValuesEqual(saved_hashes[i])(
534 saved_hashes[i])(static_domain_state.static_spki_hashes[i])); 597 static_domain_state.static_spki_hashes[i]));
535 } 598 }
536 599
537 // Expect the dynamic state to reflect the header. 600 // Expect the dynamic state to reflect the header.
538 TransportSecurityState::DomainState dynamic_domain_state; 601 TransportSecurityState::DomainState dynamic_domain_state;
539 EXPECT_TRUE(state.GetDynamicDomainState(domain, &dynamic_domain_state)); 602 EXPECT_TRUE(state.GetDynamicDomainState(domain, &dynamic_domain_state));
540 EXPECT_EQ(2UL, dynamic_domain_state.dynamic_spki_hashes.size()); 603 EXPECT_EQ(2UL, dynamic_domain_state.dynamic_spki_hashes.size());
541 604
542 HashValueVector::const_iterator hash = std::find_if( 605 HashValueVector::const_iterator hash =
543 dynamic_domain_state.dynamic_spki_hashes.begin(), 606 std::find_if(dynamic_domain_state.dynamic_spki_hashes.begin(),
544 dynamic_domain_state.dynamic_spki_hashes.end(), 607 dynamic_domain_state.dynamic_spki_hashes.end(),
545 HashValuesEqual(good_hash)); 608 HashValuesEqual(good_hash));
546 EXPECT_NE(dynamic_domain_state.dynamic_spki_hashes.end(), hash); 609 EXPECT_NE(dynamic_domain_state.dynamic_spki_hashes.end(), hash);
547 610
548 hash = std::find_if( 611 hash = std::find_if(dynamic_domain_state.dynamic_spki_hashes.begin(),
549 dynamic_domain_state.dynamic_spki_hashes.begin(), 612 dynamic_domain_state.dynamic_spki_hashes.end(),
550 dynamic_domain_state.dynamic_spki_hashes.end(), 613 HashValuesEqual(backup_hash));
551 HashValuesEqual(backup_hash));
552 EXPECT_NE(dynamic_domain_state.dynamic_spki_hashes.end(), hash); 614 EXPECT_NE(dynamic_domain_state.dynamic_spki_hashes.end(), hash);
553 615
554 // Expect the overall state to reflect the header, too. 616 // Expect the overall state to reflect the header, too.
555 EXPECT_TRUE(state.GetDomainState(domain, true, &domain_state)); 617 EXPECT_TRUE(state.GetDomainState(domain, true, &domain_state));
556 EXPECT_EQ(2UL, domain_state.dynamic_spki_hashes.size()); 618 EXPECT_EQ(2UL, domain_state.dynamic_spki_hashes.size());
557 619
558 hash = std::find_if(domain_state.dynamic_spki_hashes.begin(), 620 hash = std::find_if(domain_state.dynamic_spki_hashes.begin(),
559 domain_state.dynamic_spki_hashes.end(), 621 domain_state.dynamic_spki_hashes.end(),
560 HashValuesEqual(good_hash)); 622 HashValuesEqual(good_hash));
561 EXPECT_NE(domain_state.dynamic_spki_hashes.end(), hash); 623 EXPECT_NE(domain_state.dynamic_spki_hashes.end(), hash);
562 624
563 hash = std::find_if( 625 hash = std::find_if(domain_state.dynamic_spki_hashes.begin(),
564 domain_state.dynamic_spki_hashes.begin(), 626 domain_state.dynamic_spki_hashes.end(),
565 domain_state.dynamic_spki_hashes.end(), 627 HashValuesEqual(backup_hash));
566 HashValuesEqual(backup_hash));
567 EXPECT_NE(domain_state.dynamic_spki_hashes.end(), hash); 628 EXPECT_NE(domain_state.dynamic_spki_hashes.end(), hash);
568 } 629 }
569 630
570 }; // namespace net 631 }; // namespace net
OLDNEW
« net/base/mime_util_unittest.cc ('K') | « net/http/http_security_headers.cc ('k') | net/http/http_server_properties.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698